JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 106.75.5.16

106.75.5.16 was found in our database!

This IP was reported 463 times. Confidence of Abuse is 100%: ?

100%

ISP	Shanghai UCloud Information Technology Company Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS4808
Domain Name	ucloud.cn
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 106.75.5.16

Whois 106.75.5.16

IP Abuse Reports for 106.75.5.16:

This IP address has been reported a total of 463 times from 114 distinct sources. 106.75.5.16 was first reported on January 7th 2026, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 donarev419	2026-03-07 04:13:44 (2 months ago)	Connection to port 6379 with data transfer. Data preview: help	Port Scan Hacking
🇺🇸 donarev419	2026-03-06 08:27:19 (2 months ago)	Connection to port 280 with data transfer. Data preview: GET / HTTP/1.1 Host: 107.175.212.44:280 A ... show more Connection to port 280 with data transfer. Data preview: GET / HTTP/1.1 Host: 107.175.212.44:280 Accept: / show less	Port Scan Hacking
🇹🇷 Threat.live	2026-03-06 00:05:05 (2 months ago)	Brute Force, tcp/22	Brute-Force
🇫🇷 Thaliruth	2026-03-05 19:15:35 (2 months ago)	Mar 5 20:15:34 151 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 sec ... show more Mar 5 20:15:34 151 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=106.75.5.16, lip=46.252.194.151, TLS, session=<nQXHwktMrrRqSwUQ> Mar 5 20:15:34 151 dovecot: pop3-login: Login aborted: Connection closed: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=106.75.5.16, lip=46.252.194.151, TLS handshaking: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol, session=<QD3QwktMUrdqSwUQ> Mar 5 20:15:35 151 dovecot: pop3-login: Login aborted: Connection closed: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=106.75.5.16, lip=46.252.194.151, TLS handshaking: SSL_accept() failed: error:0A0000EB:SSL routines::no application protocol, session=<KzPXwktMWLhqSwUQ> ... show less	Hacking Brute-Force
🇩🇪 ValtonTahiri	2026-03-05 14:08:27 (2 months ago)	Honeypot hit: Unauthorized traffic (247 bytes) Payload: ��P�nY@�s3c��¨I�Ε�~�r�{��Z� Ɣ �?��珧��t�� ... show more Honeypot hit: Unauthorized traffic (247 bytes) Payload: ��P�nY@�s3c��¨I�Ε�~�r�{��Z� Ɣ �?��珧��t��Ok�S͑h�,y!Y&�+�/�,�0̨̩� �� /5� � + 3&$ �[�C<�e�=��S��=��Gu��3�& on 12203/TCP (4 attempts) show less	Port Scan
Anonymous	2026-03-05 13:43:40 (2 months ago)	postfix	Email Spam Web App Attack
🇨🇦 Roper123	2026-03-05 13:36:50 (2 months ago)	Web exploits	Hacking Web App Attack
🇫🇷 Papy Abuse	2026-03-05 13:11:23 (2 months ago)	postfix-ddos	DDoS Attack Hacking
🇫🇷 Fasetech	2026-03-05 10:44:27 (2 months ago)	SecLedge detected suspicious activity. Score: 157.92. Sensor: T-Pot.	Brute-Force Web App Attack
Anonymous	2026-03-04 12:38:58 (2 months ago)	fail2ban: Sensitive web probes detected	Web App Attack
🇯🇵 mkaraki	2026-03-04 08:26:04 (2 months ago)	1772612753 # Service_probe # SIGNATURE_SEND # source_ip:106.75.5.16 # dst_port:119 ...	Port Scan
🇦🇺 GE	2026-03-03 10:04:22 (3 months ago)	...	Port Scan
🇦🇱 router.al	2026-03-03 07:48:07 (3 months ago)	03/03/2026-07:48:07.215811 106.75.5.16 Protocol: 6 SURICATA HTTP Request line incomplete	Hacking
🇬🇧 andypiper	2026-03-03 02:01:56 (3 months ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-03 01:08:32 (3 months ago)	Honeypot hit: HTTP/1.1 request on 5985 GET / Accept: /; 5985 [5] TCP	Web App Attack

Showing 316 to 330 of 463 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.151

🇸🇬 107.150.112.233

🇺🇸 2607:f8b0:400e:c05::123

🇺🇸 205.210.31.17

🇭🇰 199.45.155.96

🇳🇱 190.2.149.244

🇫🇷 147.93.93.184

🇻🇳 103.48.82.186

🇳🇱 85.11.167.11

🇺🇸 65.49.1.100

🇳🇱 45.148.10.157

🇩🇪 43.228.157.184

🇮🇳 216.10.245.205

🇳🇱 213.177.179.166

🇬🇧 188.30.79.201

🇨🇳 183.218.213.217

🇺🇸 166.155.116.155

🇮🇳 125.19.179.18

🇮🇳 122.166.49.42

🇰🇷 116.123.150.231